CISA, FBI, USCYBEROM Issue Warning on ‘Kimsuky’ North Korean-Backed Hacking Group

CISA, FBI, USCYBEROM Issue Warning on ‘Kimsuky’ North Korean-Backed Hacking Group
Advanced Persistent Threat

The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Cyber Command Cyber National Mission Force (CNMF) have issued a joint advisory to warn the public of a North Korean-linked hacking group called Kimsuky.

The advanced persistent threat (APT) group uses social engineering and spearphishing tactics to infiltrate U.S. systems, according to the notice dated Tuesday.

CISA, FBI and CNMF utilized data from intelligence reporting and open-source databases to consolidate Kimsuky's tactics, techniques and procedures (TTP).

Kimsuky has also used stolen web hosting credentials to disseminate threats and created subdomains to mimic websites such as Google and Yahoo.

According to the advisory, Kimsuky conducts intelligence collection operations against organizations and individuals in the U.S., Japan and South Korea. The APT group was most likely launched in 2012, the notice states.

You may also be interested in...

Bruce Caswell

Maximus Reports Q4 FY 2020 Results; Bruce Caswell Quoted

Maximus has reported financial results for the fourth quarter and full year, which ended Sept. 30, 2020. for fiscal 2020, revenue increased to $3.46 billion compared to $2.89 billion reported for the same period last year. Maximus reported organic growth of 15.7 percent in fiscal 2020, or 4.6 percent excluding the Census contract.